We pick the top ten Top tools

7: Ptop

Two database tools appear in the top 10. At seventh place is Ptop [6] (see Figure 4). Any administrator who has worked with PostgreSQL will be interested in this tool because Ptop provides an overview of all your database processes, at the same time displaying information such as the SQL statements currently being processed. But that's not all: Ptop also gives you details of locks and statistics for individual tables and indices (Figure 5).

Figure 4: Ptop gives you details of locks and statistics for individual tables and indices. Ptop will give you the query plan for any currently active query, providing you stipulate E for EXPLAIN.

Figure 5: Ptop's R option gives you statistics, including details like the number of sequential reads and writes from and to the PostgreSQL table.

To launch Ptop, enter pg_top -d database -U database_user -W password. The command takes the user to an interactive shell, where a number of shortcuts are available (Table 1).

Ptop is available for Linux, BSD, and Mac OS. For more screenshots and details, go to the website [7].

6: Dnstop

Dnstop [8] uses the Pcap library to filter all the DNS queries on a computer's network interface and list them neatly. The dnstop network_device -t -s command gives you a list of DNS queries in a Top-style, configurable view. Table 2 shows some Dnstop shortcuts.

When you enter a question mark, ?, Dnstop displays the integrated online help. At the same time, Dnstop offers two combined views that give users several pieces of information at a glance. The @ entry lets you display the source of the query along with the second-level domain target-side, along with the volume and percentage of all DNS traffic. The # option gives you the same results, but with a complete third-level domain name (Figure 6).

Figure 6: Entering "#" in Dnstop gives the administrator an at-a-glance overview of the DNS queries issued on a computer.

If you use Dnstop on a router, you can also detect undesirable DNS tunnels. A client on a local network that exchanges a large volume of data via a DNS server will be exposed quickly.

5: Iftop

Snapshots and a traffic overview for all active network connections are Iftop's [9] specialty. Just like Top, it sorts connections by activity and offers a jam-packed action set while doing so (see Figure 7).

Figure 7: Iftop displays the process for a connection and distributes the network traffic neatly over individual bar charts. The summary is shown at the top and bottom edges of the screen.

Administrators can press H to view online help and configure the view. Throughput is not only displayed as a figure, but also by a bar chart. Iftop adjusts the scale at the top of the screen to reflect the amount of bandwidth used.

Various options allow users to disable DNS name resolution, hide sources and targets, and sort on various columns. At the bottom edge of the display, you can see the average and accumulated values and sums for the Ethernet device sorted by input and output.

The comprehensive filtering options are really exciting for network administrators and can be entered either in interactive mode (after entering iftop -f options) or by pressing the F key. For example, -f icmp displays ICMP packages only. The familiar Tcpdump style can be inverted by making a selection – for example: not port ssh.

The -F option tells Iftop to automatically filter out individual hosts, or complete networks, leaving only those that match the selected network mask: iftop -F 192.168.0.0/24 is an example for a local network. For more information on the numerous options, see the man pages online [10].

At some point, any service that can't run fast enough will be put on the web. So, why not do this for remote login? With a little JavaScript and CSS wizardry, a software tool called "Shell In A Box" sends a shell to the browser.

Just as a craftsman is unlikely to purchase a new angle grinder every month, sys admins are unlikely to change constantly their tried and trusted tools. Columnist Charly Kühnast ditches this conservative philosophy this month, lured by the charms of a new logfile tool.